Annual network penetration testing (PenTesting) is now considered to be an industry best practice for asset and wealth managers; but do you really know what a PenTest is?
Surprisingly, most compliance professionals (CCOs, CFOs, etc.) who procure those annual PenTests do not actually know what they are buying in a PenTest. And surprisingly, there are multiple types of Penetration Tests that can vary significantly in cost. If you are a PenTest purchaser and do not know the differences – you may be paying too much and not getting the security value you expect.
Click ‘read more’ below to learn about the different types, and where too many asset and wealth managers go wrong procuring PenTests.
This past June, the SEC fined JP Morgan $4m for deleting 47 million communications records. It doesn’t appear that JP Morgan intended to delete the communications, as the fault appears to have been with JP Morgan’s 3rd party journaling vendor. However, the deletion was permanent, meaning that these emails weren’t recoverable, and JP Morgan hadn’t performed proper Disaster Recovery testing to ensure the records were being properly protected.
This isn’t purely a compliance issue. It is actually a Disaster Recovery test failure! Click ‘Read More’ below for our thoughts on what you need to be conscious of when constructing your disaster recovery testing plan.
Click ‘read more’ below to get BW Cyber Founder, Michael Brice’s view on what he thinks asset and wealth managers should be doing to mitigate risk to your business from AI technology systems.
Upcoming Events
BW Cyber Founder Michael Brice is scheduled to speak at multiple upcoming industry events. On Thursday, September 21st, he’ll be discussing wire fraud at the SVB CFO Summit East 2023 conference in Miami, FL, and on October 18th and 19th, he’ll be in New York for AltsOps 2023, which BW Cyber is also sponsoring.
Click the links below for more information on the AltsOps event.
AltsOps 2023 Day 1 – Private Markets
AltsOps 2023 Day 2 – Hedge Funds